Getting Error When Activating Changes vi /em After a New Certificate installed and HTTP Listener is Configured to Use the New Certificate (Doc ID 2460524.1)

Last updated on JUNE 08, 2023

Applies to:

Symptoms

Getting below error on the /em console when trying to use a newly installed certificate:

An error occurred during activation of changes, please see the log for details.

[Management:141190]The commit phase of the configuration update failed with an exception.

There are 1 nested Exceptions: weblogic.nodemanager.NMException: Received error message from Node Manager Server: [Node Manager command 'COMMIT_CHANGELIST' failed unexpectedly due to: [OTD-67801 Commit failed with the following errors: OTD-67804 Error while updating instance 'otd_ConfigName_MachineName': OTD-67757 An error occurred while reconfiguring the instance. [ERROR:16] [OTD-10167] Found only 0 certificate(s) out of 1 certificate(s) needed. [ERROR:16] [OTD-10173] Searched for certificate with subject "CN=host1.domain,OU=xxxx,O=xxxx,L=xxx,C=xx, issuer CN=MyRootCA,O=xxx,C=xx and serial number <SERIAL_NUMBER> . [ERROR:16] [OTD-10172] Unable to get matching server certificate(s) information. [ERROR:32] [OTD-10127] Error setting SSL parameters for HTTP listener [ERROR:32] [OTD-10492] New configuration not installed ]. Please check Node Manager log and/or server log for detailed information.]. Please check Node Manager log for details.

The Java Keystore containing a chain of certificates including the new certificate and its key along with the Intermediate CA certificate and CA certificate was imported successfully using the wlst command:

wls:/offline> connect('USERNAME','PASSWORD','t3://host:port)

Connecting to t3://host:port with userid weblogic ...

Successfully connected to Admin Server "AdminServer" that belongs to domain "otd_domain".

Warning: An insecure protocol was used to connect to the server.

To ensure on-the-wire security, the SSL port or Admin port should be used instead.

wls:/otd_domain/serverConfig/> svc = getOpssService("KeyStoreService")

wls:/otd_domain/serverConfig/> svc.importKeyStore(appStripe='OTD', name='CONFIG_NAME', password='PASSWORD', aliases='MyAlias', keypasswords='PASSWORD', type='JKS', permission=true, filepath='<PATH>/keystore..jks')

Location changed to domainRuntime tree. This is a read-only tree

with DomainMBean as the root MBean.

For more help, use help('domainRuntime')

The DOMAIN/sysman/logs/emmos.log shows below error that corresponds to the error seen on the /em console:

2018-10-10 14:27:22,754 [[ACTIVE] ExecuteThread: '30' for queue: 'weblogic.kernel.Default (self-tuning)'] WARN internal.WLSEditSessionManagerImpl logp.251 - Exception recevied in commitTransaction

oracle.sysman.emInternalSDK.sdkas.general.pojo.changemgmt.MBeanTargetException: [Management:141190]The commit phase of the configuration update failed with an exception.<br> There are 1 nested Exceptions:

weblogic.nodemanager.NMException: Received error message from Node Manager Server: [Node Manager command 'COMMIT_CHANGELIST' failed unexpectedly due to: [OTD-67801 Commit failed with the following errors:

OTD-67804 Error while updating instance 'otd_ConfigName_MachineName':

OTD-67757 An error occurred while reconfiguring the instance.

[ERROR:16] [OTD-10167] Found only 0 certificate(s) out of 1 certificate(s) needed.

[ERROR:16] [OTD-10173] Searched for certificate with subject "CN=host1.domain,OU=xxxx,O=xxxx,L=xxx,C=xx, issuer CN=MyRootCA,O=xxx,C=xx and serial number <SERIAL_NUMBER> .

[ERROR:16] [OTD-10172] Unable to get matching server certificate(s) information.

[ERROR:32] [OTD-10127] Error setting SSL parameters for HTTP listener

[ERROR:32] [OTD-10492] New configuration not installed

]. Please check Node Manager log and/or server log for detailed information.]. Please check Node Manager log for details.

at oracle.sysman.emas.sdk.changemgmt.internal.WLSEditSessionManagerImpl.commitSession(WLSEditSessionManagerImpl.java:385)

at oracle.sysman.emas.sdk.changemgmt.internal.ConfigurationSessionManagerImpl.commitTransaction(ConfigurationSessionManagerImpl.java:583)

at oracle.sysman.as.wlsc.model.changemgmt.ChangeCenterRegionModelBean.doConfigurationSessionAction(ChangeCenterRegionModelBean.java:787)

at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:713)

at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:681)

at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean.doActivateChanges(ChangeCenterRegionViewBean.java:824)

at sun.reflect.GeneratedMethodAccessor6139.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:497)

at com.sun.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:181)

at com.sun.el.parser.AstValue.invoke(AstValue.java:289)

Prior to above error there is also below error showing in the logs:

2018-10-10 14:01:50,607 [[ACTIVE] ExecuteThread: '42' for queue: 'weblogic.kernel.Default (self-tuning)'] WARN changemgmt.ChangeCenterRegionViewBean logp.251 - Exception occurs while calling _doConfigurationSessionAction

oracle.sysman.emSDK.app.exception.EMSystemException

at oracle.sysman.as.wlsc.model.changemgmt.ChangeCenterRegionModelBean.doConfigurationSessionAction(ChangeCenterRegionModelBean.java:820)

at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:713)

at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:681)

at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean.doActivateChanges(ChangeCenterRegionViewBean.java:824)

at sun.reflect.GeneratedMethodAccessor6139.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:497)

...

... 103 more

Caused by: weblogic.management.mbeanservers.edit.NotEditorException: weblogic.management.provider.EditNotEditorException: Not edit lock owner

at weblogic.management.mbeanservers.edit.internal.ConfigurationManagerMBeanImpl.save(ConfigurationManagerMBeanImpl.java:329)

at sun.reflect.GeneratedMethodAccessor5488.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:497)

at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:531)

...

Caused by: weblogic.management.provider.EditNotEditorException: Not edit lock owner

at weblogic.management.provider.internal.EditAccessImpl.checkEditLock(EditAccessImpl.java:2300)

at weblogic.management.provider.internal.EditAccessImpl.saveChanges(EditAccessImpl.java:1510)

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.